The threat landscape is changing drastically, and no industry worldwide is left untouched by the growing number of cyberattacks. Cyber security has become a major risk item and therefore needs to be prioritized along with the business. Regardless of the size of the organization, if you have data on the internet, it is vulnerable. Muqbil Ahmar (DC), Executive Editor, Greyhead Media, in conversation with Shrenik Bhayani (SB), General Manager South Asia, Kaspersky Labs, discusses the growing cyber security challenges as organizations undergo digital transformation.
DC: Security for IoT devices is of paramount importance due to its criticality. Imagine the prospects of pacemakers getting hacked or large financial transactions getting intercepted or an autonomous car getting remotely controlled. Such compromised systems can result in a major security breach. Today, there are millions of IoT devices. According to Gartner, the number of IoT devices will increase to 25 billion by 2021. How are you going to tackle this problem?
SB: As the number of IoT devices keeps increasing, the amount of malware being detected due to those devices is also increasing. At Kaspersky Labs we have detected a big jump in IoT malware from 2015 to 2018. We expect the data for 2019 to be double that of 2018. This is a serious issue. Specifically around IoT, we have special operating systems which can work with connected devices.
On the other hand, I also think that IoT is fast becoming a buzzword. The real aspect of IoT needs to be understood. To me, even a smart vending coffee machine is an IoT device. A CCTV camera is also the same. If I am using a computer, I am aware that it needs an anti-virus, but if somebody is using an IP camera they don’t understand that security is key. If the awareness level rises, solutions would come. This is a big opportunity in the market because the number of IoT devices is growing remarkably every year. The deployment is far too large and complex.
DC: A lot of enterprises are adopting cloud and different variations of it, be it public, private, or hybrid. How do you plan to create a secure cloud environment?
SB: When someone offers you a cloud solution, you need to understand the element of security which is being covered by the provider. What kind of security is required by you as a user, who is going to consume the service? If a provider says it offers a secured environment, does it mean it is for you as a user or for the device of your choice too? The answer is probably no. When the service provider says it provides you with a secured environment, the security is on the services they offer. When you start using it on the device of your choice, the security aspect should also increase from the cloud perspective. For example, there are people who use Microsoft 365 service. The service is secured from Microsoft’s side, but when it is deployed and used by the user on the device of their choice, is that device also protected? That needs to be understood. A lot of people who are into cloud services take steps for delivering a secured service. But at a user level, I still think it is the decision of the user what kind of security they want to adopt.
Kaspersky Labs does have solutions benefiting such consumers. We have a consumer solution called KSC (Kaspersky Secure Cloud). It works on an adaptive security framework. For example, internet usage differs from person to person. Somebody can be an avid gamer, or doing banking or be an avid social media user. Therefore, Internet settings also need to differ. KSC benefits the consumer side and provides those details to the consumers and suggests the security settings beneficial for them. The product has been there for more than a year now. We also have to ensure that the customer is aware of it. This is adaptive security for optimum user experience.
DC: Industrial control systems have often been targets for hackers and attackers. Enterprises are quite wary of such threats. How do you plan to instill confidence in them?
SB: The scope of such attacks can be much larger. If someone attacks the grid of a city, it not only impacts an organization, but the entire country. The challenge today is that there are two different environments within organizations: Operational Technology (OT) and Information Technology (IT). OT has SCADA systems, whereas the IT person understands only the IT environment. It is difficult for an OT person to understand the IT aspect of it and vice versa. There is a need for someone who can work as a bridge between them. Two years back this was a bigger challenge, but now people have realized if they don’t act on it, it will be a challenge for the organization. Customers approach us wanting to know if we have a solution for this. The challenge is to integrate them with security service providers like us. We need to do these POCs and invest together in terms of providing a solution to the customer.
From our side, there are 2 aspects to it: assessment (where we do the testing in terms of vulnerability) and solutions.
DC: This is the age of innovation and out-of-the-box thinking. How are you planning to incorporate the latest technologies such as Artificial Intelligence (AI), Machine Learning (ML), etc. in your security solutions to provide more teeth? In fact, ML and AI are already being used to automate threat detection. How are you leveraging these technologies?
SB: From a security viewpoint, the concept that we use is called HU: a combination of Humans and Machines. This is where our Global Research Team comes into play. We have researchers in India as well. For a human being, it is impossible to analyze the data just by looking at it. So, we use elements of ML and other technologies to find out what is going on. Once this is done and some information is available, the human brains start working on it. This is how we are able to detect dangerous malware.
Threats can be specific to a country, a vertical or a customer. We use a combination of AI and ML tools to understand the information. We then boot it into a format where someone can apply the logic in the patterns and come out with a report around it. The customers always want to know the action to a solution that can make them secure from a possible threat and that is what we bring across in our reports. These reports are based on subscription and threat data feeds through which we offer different portfolios to our customers.
DC: The level of cyber security awareness in a country like India is low. Companies dealing with cyber security need to increase that quotient. How do you raise the awareness about cyber security among the masses? Are you planning any campaign for generating public awareness?
SB: How can somebody find out if it is a phishing mail? We have a cloud platform for security awareness. It’s not just for a general user, but also for a corporation that has 10,000 users. The CISO has to ensure that the users have a basic understanding of cyber security so that they know how to use it and the factors involved. In my view, people should know about phishing and the impacts. The information and learning can come to a user only if the user is taught in a systematic way along with his/her daily work. If there are such emails coming in on a day-to-day basis, there are solutions from our end that we can put across to corporations.
We are also proposing a discussion with the Government of India around Cyber Swachhata, which aims to bring basic awareness about cyber security to users. It is still at a raw stage even from the government side, but we are more than happy to partner and leverage our platform. I feel it is a huge task to get it down to the citizen level, but even if it gets to the corporation or government level, I think we would have achieved a big milestone.